Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

FTP on AWS using ALB

0

Hi All, I'm currently working on a Lift & Shift program. We have an existing FTP server in DC which needs to be moved to AWS. We proposed a solution by keeping the FTP server in a private subnet and exposed using an NLB(elastic IP assigned) which is provsioned in a public subnet. One of the reviewers made a comment about going for an AWS ALB and keep a WAF infront of this to protect. Existing proposal is to protect using NACL at Subnet level and SG at instance level.

Is it advisable to use an ALB to meet this requirement?

Thanks Suhas

Temas
Redes y entrega de contenido
Etiquetas
Balanceo de carga elástica
Idioma
English
SVen
preguntada hace 9 meses876 visualizaciones
2 Respuestas
1
Respuesta aceptada

Hello.
ALB is a load balancer that operates at Layer 7.
Only HTTP and HTTPS can be used as ALB protocols.
Therefore, it is not possible to set ALB at the front of the FTP server.
https://docs.aws.amazon.com/elasticloadbalancing/latest/application/introduction.html

It is also not recommended to FTP to the public.
If you do, we recommend using Site to Site VPN or Client VPN to encrypt your communications.
Setting up a VPN allows connections using private IP addresses.
https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/what-is.html
https://docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html

profile picture
EXPERTO
Riku_Kobayashi
respondido hace 9 meses
0

Thanks Riku for your response on this, this is my understanding as well. In this case we can't have a site to site VPN - there are solutions under review to replace this legacy solution.

SVen
respondido hace 9 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante